[Pdns-users] Domainkeys with Mysql backend servfail
Jos van Santen
j.vansanten at e2ma.nl
Thu Dec 10 13:07:28 UTC 2009
Hi Stefan,
The TXT record is inbetween quotation marks.
I found out that it breaks at the semi-colon in the TXT record, it is not a
result of the underscore.
An example TXT record is:
"k=rsa\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfvgMo245lekN+eHQipbDcEzEzAY
tWg3/OAvp66FLqRnF29yG/rUddTjFhA+KgZ5F3kXqK/ksX3N+oVFh150zZRc9HNxbJNdTeb/m+EK
MpwjiejL9mb8yuJo36QqEsgz5NohU8jBj10vNhkdnsjhLumO/VJQ/LiU78kOvJsT+EEwIDAQAB\;
"
This results in previous mentioned error:
pdns[9888]: Exception: unknown escape sequence
pdns[9888]: Exception building answer packet (unknown escape sequence)
sending out servfail
Escaping the semicolon and store it in the database as:
"k=rsa\\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfvgMo245lekN+eHQipbDcEzEzA
YtWg3/OAvp66FLqRnF29yG/rUddTjFhA+KgZ5F3kXqK/ksX3N+oVFh150zZRc9HNxbJNdTeb/m+E
KMpwjiejL9mb8yuJo36QqEsgz5NohU8jBj10vNhkdnsjhLumO/VJQ/LiU78kOvJsT+EEwIDAQAB\
\;"
A dig query on the server results:
;; ANSWER SECTION:
mailing._domainkey.xxxx.xxxxx. 86400 IN TXT
"k=rsa\\\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfvgMo245lekN+eHQipbDcEzEz
AYtWg3/OAvp66FLqRnF29yG/rUddTjFhA+KgZ5F3kXqK/ksX3N+oVFh150zZRc9HNxbJNdTeb/m+
EKMpwjiejL9mb8yuJo36QqEsgz5NohU8jBj10vNhkdnsjhLumO/VJQ/LiU78kOvJsT+EEwIDAQAB
\\\;"
This is not the expected result.
Regards
Jos
-----Oorspronkelijk bericht-----
Van: Stefan Schmidt [mailto:zaphodb at zaphods.net]
Verzonden: donderdag 10 december 2009 13:09
Aan: Jos van Santen
CC: pdns-users at mailman.powerdns.com
Onderwerp: Re: [Pdns-users] Domainkeys with Mysql backend servfail
Jos van Santen wrote:
> Hi
Hello Jos,
>
> I changed from Bind 9 to Powerdns 2.9.22 with a MySQL 5.0.77 backend
> but I notice serverfails while trying to retreive the domainkey records.
>
> dig @server txt mailing._domainkey.teilnahme.xxxxxxx
> doesn't return the right answer.
>
> In de server logs I do see the error:
>
> pdns[9888]: Exception: unknown escape sequence
> pdns[9888]: Exception building answer packet (unknown escape sequence)
> sending out servfail
>
> PowerDNS monitor show these DNS queries as "Queries that could not be
> answered due to backend errors"
>
> How can I solve this problem?
A common mistake is not to wrap TXT records in quotation marks within
the database. PowerDNS needs this to tell the difference between a
regular and a multipart TXT record i think.
Also from past conversations on IRCnet #powerdns i vaguely remember that
the underscore must be escaped by a backslash due to the backends safety
features, not absolutely sure about that however, it might just has been
the '.' that needed escaping.
If you find out what exactly needs to be done for Domainkeys please do
an FAQ entry at http://wiki.powerdns.com/trac/wiki/PowerDNSFaq , the
topic is quite a regular one afair.
Stefan
More information about the Pdns-users
mailing list